package com.hujing.springsecurity.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @Author : hujing
 * @Date: 2025/6/19 14:25
 * @Description: 
 */    
@Configuration
public class SecurityConfig {

    /**
     * 配置Spring Security，确保应用程序中的所有HTTP请求都需要用户进行身份验证（登录）。
     * 一旦用户尝试访问任何页面，Spring Security会自动显示登录表单，用户在表单中输入正确的凭据后才能访问应用程序的页面
     * @param http
     * @return
     * @throws Exception
     */
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception{
        http.authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .oauth2ResourceServer()
                .jwt();
        
        return http.build();
    }
}
